Anyone living in the digital age has to be familiar with the dreaded task of creating a password. People often tend to create predictable passwords, mainly because we are afraid that we will end up forgetting them ourselves. Most passwords tend to be related to something in the password creator’s life – a name, location, or phrase. We then try to make them a bit more complicated by adding a number here or a capital letter there.
However, it’s not as simple as that. Predictable passwords make a hacker’s job easier while making your online presence riskier at the same time. Hackers could gain access to your personal information, bank accounts, and even your physical location.
How Hackers Break the Code
There are a number of different ways that hackers could try to break into your system or gain access to your accounts with the intention of changing, destroying, or stealing your data. This includes installing malware on your system, breaking into an unsecured network connection, or brute force attacks. The last of those is what we’re discussing here.
A brute force attack is when a hacker launches a trial-and-error method of gaining access to someone’s accounts by trying every possible combination they can come up with. They may do this manually by gaining information from you that they can then use to guess your password – this is called social engineering.
Or they could trawl the dark web to find your old passwords, which could have been leaked without anyone ever finding out. This is why anyone who knows anything about technology knows that you should frequently change your passwords. As an extreme, a hacker could also create bots that go through all possible combinations of passwords. According to a hacking expert, modern computer bots are able to make up to over a billion guesses in just one second!
This may make you feel like there’s no way to truly be safe on the internet. But is there any way to drive on the road feeling 100% invincible? The internet has become as integral to our lives as roadways. So, just like you buckle your seatbelt and try to drive as safely as possible, you should make sure to protect your virtual self to the best of your ability. To make sure you are safe online, there are a few ways that you can create passwords that are hacker-proof. The first is to avoid common iterations of passwords that are used.
Most Common Passwords
Here are some passwords that you should avoid at all costs, according to recent data:
According to SplashData, a number combination is one of the most commonly used passwords in 2022. In fact, 7 of its top 10 most used passwords are a different combination of numbers, including 123456789, 123123, 111111, and at the top of the list: 123456.
While it’s important to add a number or two to your password, it’s imperative that you do not make it as obvious as that. These are the passwords that hackers will go through before trying anything else.
This might come as a surprise to you (or not, considering that it is on the list of most common passwords), but “password” is a password that is used a LOT. Whatever you do, avoid using this as your password, including any iterations of the word including numbers and/or symbols!
Qwerty is to letters as 123456 is to numbers, making it the most popular letter combo for passwords. Trailing closely behind is “qwertyuiop”. Believe it or not, running your fingers across the top of the keyboard isn’t a very clever idea for a password, and hackers are no idiots either! Other popular variations of this password include adding a number in between each of the letters or adding numbers to the end of qwerty. Therefore, it’s better to abandon this stream of thought altogether!
While 7 of the top 10 most common passwords are made up of numbers, the other 3 are common phrases, including qwerty and password. The other one is iloveyou. Beyond the top 10 list, there are many more common phrases that make it onto a hacker’s list to try due to their popularity. These include the likes of sunshine, princess, superman, admin, login, master, football, dubsmash, and many more.
Gaining access to your device isn’t the only way a hacker can crack your password. If they know any bit of information about you, they may be able to guess your password if it is based upon personal connections.
According to Google, child, spouse, and pet names are the most commonly-used passwords. Hackers know this too, so they will try any combination that includes their names until they “crack the code”. In fact, in an epic reversal of karma, authorities were able to break into the account of an infamous hacker by guessing his password ‘Chewy123’, which was the name of his cat followed by a sequence of numbers.
Similar to names of important figures in your life, people also tend to make their passwords based on important dates in their lives. Birthdays and anniversaries may seem like an obvious choice of password to you, but the same can be said for someone with malicious intent. Since these dates are pretty easy to figure out, Google says you should avoid them at all costs.
How to Create the Best Password
So, what is the best password?
By now, you may be scratching your head trying to come up with something that isn’t any of what we’ve mentioned above. However, creating a strong password isn’t as complicated as it may seem. The best password you can create is by using a random password generator that comes up with a series of numbers, letters, and symbols. However, truth be told, these can be difficult to remember, especially if you are to change them frequently, as recommended. One way to get around this dilemma is to save these passwords in a safe place, either on your device or software like Google authenticator.
The other way to make a strong password that isn’t easy to guess is a passphrase. “A passphrase is a sentence-like string of words used for authentication that is longer than a traditional password, easy to remember, and difficult to crack,” says TechTarget. An ideal passphrase should be at least 12 characters long, should include at least 1 number, 1 symbol, 1 lowercase letter, and 1 uppercase letter, and should not have any personal connection to you.
Here is an example that was provided by a random passphrase generator online: Wisdoms75Lordosis21Marvelous!